Today Amazon announced a free enhancement to its Simple Storage Service (S3) which will allow users to encrypt their data on upload, making S3 a secure storage site in the cloud.

From the announcement: Today we’re excited to announce a new encryption feature, Amazon S3 Server Side Encryption (SSE). Amazon S3 SSE provides you the ability to encrypt data stored at rest in Amazon S3. With Amazon S3 SSE, you can encrypt data on upload simply by adding an additional request header when writing the object to Amazon S3. Decryption happens automatically when data is retrieved.

Amazon S3 Server Side Encryption employs strong multi-factor encryption. Each object is encrypted with a unique key. As an additional safeguard, this key is itself encrypted with a regularly rotated master key. Amazon S3 Server Side Encryption uses one of the strongest block ciphers available — 256-bit Advanced Encryption Standard (AES-256) — to encrypt your data. For customers seeking to comply with certain regulations such as PCI and HIPAA, Amazon S3 Server Side Encryption may be used as part of an overall strategy to encrypt sensitive data for regulatory or compliance reasons.